I have a 10.13.6 fresh build mac with an local admin account created by macOS setup Assistant it has a secureToken, but then i bind the machine to our AD which has the setting enabled for mobile accounts, then login as a AD user and get the prompt Enter a secureToken Administrators name and password to allow this mobile account to use file vault.
You can select bypass but would prefer we dont get this prompt in the first place for non filevaulted machines.
Does anyone know how to suppress this?
thanks
Solved
Suppress Enter a secureToken Administrators name and password to allow this mobile account to use file vault.
+5Best answer by mark_mahabir
Take a look at this, works well for us.
+5Thanks, However i uploaded this to jamf pro and made a configuration profile of it. Downloaded and installe don a machine and tested.
But i still get the Suppress Enter a secureToken Administrators name and password to allow this mobile account to use file vault. when i login as a cached Managed mobile account. Did you say you have this working on 10.13.6 ?
Or am i doing something wrong here?
+6I also use the profile in the link shared by mark.mahabir and it works perfectly on 10.13.6 machines. These are on machines bound to AD and create a mobile account at login.
+6Here are the steps I took. From here download the zip file and pull out the config file from the folder. Upload a new config profile, upload the .comfig file, name config profile, save and deploy. That was it for me. Mine is set to auto install at computer level.
+5Thanks, i missed the download zip and was copying pasting the xml.
I guess thats where i went wrong, anyway now i have downlaoded the zip its working fine.
very many Thanks
+18@markc0 @mark.mahabir @J.Mukite I would encourage you all to vote up this feature request and voice your opinion on jamf implementing this.
macOS supports it. Jamf should too.
+15Great stuff, upvoted!
+4Got the profile set up, and the securetoken message no longer displays when adding a new user, however, now I'm having issues with the user accounts not being able to unlock the volume after a restart, and I cannot enable the user from system preferences.
Anyone else run into this, or know of any workarounds?
@J.Mukite Once I've pulled the config file out of the zip folder, where do I upload it to? I don't have experience modifying config profiles so if you could point me in the right direction it would be much appreciated.
+12Can someone please tell/show how to implement this? I'm still learning how to use Jamf for some of the finer things beyond a basic profile or policy. @J.Mukite perhaps?
Is it just me that this seems like a silly thing to be prompted about when Filevault isn't actually turned on for a drive?
+7still works on sonoma. Just reimaged a bunch of m1 laptops from monetary and they are all doing this. The fix does still work.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.